In order to address the high volume of sophisticated attacks, the more diffuse perimeters, the greater exposure of sensitive data, the shortage of specialized talent and the need to act quickly, cybersecurity co-piloted with generative artificial intelligence (AI) manages to drive efficiency and the evolution towards the autonomy of operations centers (SOC) in the management of alerts to know what has happened and, from there, respond and contain any threat.

Evolutio, a technology company expert in providing cloud and cybersecurity services, has managed to reduce the number of alerts by more than 40% in 2025, eliminating unnecessary noise and allowing us to focus on those classified as critical due to their high potential impact.

In collaboration with the National Cybersecurity Institute (INCIBE), they have created a multimodal model of specialized agents, based on large language models (LLM), which helps the “brain” of the SOC to search for information from external intelligence sources, internal repositories, network architecture or automation tools.

This flow allows security alerts to be enriched with context information such as the output of an intelligence analysis of a threat, an analysis of a file to identify malicious code, exposure of the asset and its criticality, internal documentation of network architecture or internal processes. All this information helps make the response more coherent and standardized without depending so much on the individual experience of the analyst.

An extra on traditional defenses

Co-piloted cybersecurity brings together the best of the human capacity of the security professional and intelligent technology: it reduces time, minimizes errors, enables metrics and statistical analysis to measure the quality of responses, while the system continually learns with each experience.

Evolutio provides the detection and protection capabilities that each client needs at all times within an environment of continuous change. This model not only allows you to increase security levels, but also to effectively anticipate, manage and reduce the risk of a possible cyber attack at any point in your technological ecosystem.

“This assistance does not replace traditional security based on known threats and techniques, but rather provides a more adaptive and creative approach in collaboration with the analyst, since human intervention is needed in a SOC,” explains Ricardo Sanz, Cybersecurity Director of Evolutio.

The co-piloted solution helps security experts leave aside the tactical approach, which reactively deals with alerts and prevents establishing appropriate strategies, for a vision more focused on identifying how cyber threats occur and developing the preventive phase.

If an indicator of compromise (IoC) appears, the surveillance system automatically distributes that information to all protection and detection tools in the organization to immediately block access or attack.

The irreplaceable value of the human analyst

AI is essential when it comes to assimilating large amounts of data and avoiding possible human failures due to fatigue, something very common when handling hundreds of similar alerts. However, the security expert will be the one who provides the appropriate context in terms of business objectives, specific needs and regulatory framework, among many other aspects, which will model the expected response from the AI. The professional is the one who trains, guides and gives meaning to the tool so that its results are useful, but he will also be the one in charge of decision-making and final responsibility.

In Evolutio’s own SOC that offers 24×7 protection to the public and private sectors, the combination of AI with the automation of specific tasks and orchestration for comprehensive management of alerts in all their phases multiplies the capacity of its professionals. Throughout 2025, more than 23,520 alerts were controlled, which represents a 40% reduction in the volume of warnings. By 2026, it is expected to reduce the number of alerts by another 30%, freeing up human analysts to dedicate themselves to investigating incidents of real value to the customer, contributing to improving the level of coverage and protection.

Cybersecurity supported by AI reduces alerts by more than 40%, eliminates noise and puts more focus on what is critical

Evolutio, through its AI Hub, is promoting the development of an ecosystem of AI agents, which is growing rapidly, laying the foundations for their future orchestration and intelligent coordination, with the aim of maximizing operational efficiency and value for customers in the face of cyber threats.

“In cybersecurity, absolute guarantees can never be given, but AI undoubtedly improves threat anticipation, reaction speed and overall effectiveness. We know that its adoption is influenced by the sectors to which organizations belong, their level of digital maturity or the skills of their staff, but it is not an option to waste these intelligent capabilities. Cybercriminals use AI to fine-tune their attack tactics successfully, so defenses cannot be left behind,” says Ricardo Sanz, from Evolutio. “Evolutio has taken a significant leap by betting on the evolution towards an autonomous SOC and an operation assisted by AI agents, a path that generates tangible results and will continue to progressively advance towards more automated and efficient models.”

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.